“Oh, and before I forget, as soon as you get it, if the shoe mount is made of metal put a piece of electrical tape on the top of it where the flash sits. It could screw up the electronics in the month’s-rent-worth-of-strobe you have sitting up there if you don’t. I’m not kidding about that”.

My photographic output is generally well received by models and friends alike, but they are not a very critical bunch so being content with the status quo would be utterly presumptuous from my part. But there is no danger of that, as kaizen is very dear to my heart.

Although I now have a good grasp of basic tools such as various selection implements, levels, curves, noise reduction and sharpening, my retouching skills are still very far from anything serious. Training helps me creep slowly forward, but it has now been a few months since it dawned on me that those skills probably won’t improve much more until I get myself to learn dealing with layers and transparency. Spray painting with the clone brush on the background layer is better than nothing, but a good layered makeup with gaussian blur and assorted masking trickery is what I am really aiming for.

The tool I am missing is called “adjustment layers” : “an adjustment layer typically applies a common effect like brightness or saturation to other layers. However, as the effect is stored in a separate layer, it is easy to try it out and switch between different alternatives, without destroying the original layer. In addition, an adjustment layer can easily be edited, just like a layer mask, so an effect can be applied to just part of the image“.

“The benefit to using adjustment layers is that no edit is permanent until you flatten the image. You can even save the image with all of its adjustment layers as a Photoshop Document (.psd), and when you reopen it, all the changes you made to the adjustment layers will still be there for you to change back, remove, or alter.

If you were to, for example, edit curves without layers, then go on to change saturation, crop the image, then add vignetting, the only way to go back and change what you did to the curves would be to go back in the history, to when you changed the curve (thus losing all work done since), or start the image editing from scratch.

With adjustment layers, however, so long as that adjustment layer is still there, you can go back and alter the adjustment at any point in the editing process”.

But with all this talk about tools, let’s not forget to sharpen those retouching skills too. And while retouching let’s not forget about those photographic skills either. Let’s start with this example of bad lighting :

Under bounce flash, the shadows under the cheeks of this particular model are not nice. Next time I’ll try using my brand new pocket studio lighting to get rid of them… And that illustrates that as usual there is more than one way to improve an image. After a whole article of ranting about image manipulation tools I want to conclude by putting them back into perspective : digital hackery will always come second to getting a good exposure.

Even cheap AC powered lights provide more power than the Canon portable strobes will ever put out, but I can carry the portable strobes anywhere in my backpack and set the up on a whim – and that fits my lifestyle much better. As Strobist says : “larger strobes have their place, but they tend to spend a lot of time in trunks and stuffed under beds. But the small, everyday strobe is always in the waistpack ready to go“.

After that first experience I can already say that I do not regret my decision. A bunch of 580EX are really a pocket studio all by themselves – and with a €4 screw mount adapter I can even make good use of those flimsy toy tripods given away with breakfast cereal packs and spotting scopes. I now have ample room to grow my lighting skills and have loads of fun on the way. Expect more multiple flash experiments !

A quick look at the available modules in /etc/apache2/mods-available showed me that in addition to mod_proxy.so I also had mod_proxy_ajp.so, mod_proxy_balancer.so, mod_proxy_connect.so, mod_proxy_ftp.so, mod_proxy_html.so and mod_proxy_http.so. On a hunch I decided that mod_proxy_http.so was the best candidate so I tried that first.

I automatically generate daily statistical reports for my web sites traffic using Awstats. Awed by Awstats extensive reporting capabilities I enabled everything with full details and let it run like that. Erik, one of my favorite contradictors, found that I may have gone a bit too far on that one. Of course I first dismissed that as one of his usual privacy rants – we both have very different ideas of how much personal information we should let the public know about us. But a quick costs/benefits analysis showed that for once we actually had some common ground.

First he mentioned that my reports were indexed by search engines. I was aware of that but I saw no wrong about it and did not even bother adding a robots exclusion pattern. But having the statistical reports indexed brought no one any significant value : all users had other ways to access them through links. So the benefit was zero. In addition, the indexation of pages containing referer links promotes referer spam – and everyone know how much I love to hate spammers. The costs/benefits analysis provided a clear conclusion and the corresponding robots.txt was therefore swiftly added.

Then Erik mentioned the presence of IP addresses in the Awstats reports. I had never given any thought about those, but the privacy breach was obvious : ill intentioned organizations could easily track the users who indulge in a visit to my hall of deviant ramblings. My first reaction was to consider that whoever wants to hide can use an anonymous proxy or a Tor onion routing gateway. But Erik made me realize that we are dealing with the clueless masses. And as plentypotent semi-divinities with root access we have a duty to protect them from their own lack of clues.

Moreover it occurred to me that this report is not very useful. I need the IP addresses as raw material to generate about every piece of statistical data, but that can very well be done done anonymously. The only redeeming value of the section of the report containing IP addresses is letting me know if a handful of hosts are actually generating all the traffic. The value of this information strongly decreases as traffic reaches statistically significant numbers. So once again the costs/benefits analysis provides an easy conclusion : letting the hosts report go would not be too painful either. Ideally I would keep it in an anonymous form. But that would require modifying Awstats and I am not going to allocate resources to that today. So for now I am just going to tell Awstats to skip it.

To those who doubt that I can change my mind : I can readily change my mind with ease, but I require to be convinced either by myself alone or with the assistance of a third party. Let this be an example for those who lost all hope of convincing me.

I thought I had spam pretty much under control, with only about one getting though every few days. And then came image spam. No suspicious words, just a load of bayes poison and an image to carry the actual message. Half of my antispam arsenal was suddenly rendered useless. I was back to suffering one or two spam messages every day.

“The level of image spam has increased dramatically this year,” says Carole Theriault, a senior consultant at Sophos cited by New Scientist. According to New Scientist, Sophos estimates that, at the beginning of the year, image spam accounted for only 18% of unsolicited mail but that this has since risen to 40%.

But with a production server on my hands and precious little time to maintain it I wished to stick to packages distributed by Debian so I waited a little longer for packaging while my users suffered. To my great relief, Christmas came a few days earlier this year – FuzzyOcr hit Debian unstable yesterday ! Mail server administrators rejoice ! Somebody must have been even more pissed off than me about image spam and decided to make the Debian packaging work…

This Spamassassin plugin checks for specific keywords in image/gif, image/jpeg or image/png attachments, using gocr (an optical character recognition program). This plugin can be used to detect spam that puts all the real spam content in an attached image, while the mail itself is only random text and random html, without any URL’s or identifiable information. Additionally to the normal OcrPlugin, it can do approximate matches on words, so errors in recognition or attempts to obfuscate the text inside the image will not cause the detection to fail.

But a debug log is worth a thousand words, so here is a choice output :

Sweet isn’t it ? And that antispam OCR goodness is just an ‘apt-get install fuzzyocr’ away !

The only parameters I changed in /etc/FuzzyOcr.cf are the following :

focr_verbose 2.0
focr_logfile /var/log/fuzzyocr.log
focr_timeout 16

The two first are self-explanatory : I just want to know what is going on. The original timeout was 12 seconds and I found that it was often too short for my puny server – apparently 16 seconds are more than enough. I restarted Amavisd-new who handles calling SpamAssassin and I was done !

I was afraid that FuzzyOcr would load my host too much but I found my fears unfounded : FuzzyOcr only scan messages which where not recognized yet as ham or spam by other SpamAssassin rules or plugins. So the additional load was not noticeable among all the heavy antispam and antiviral machinery that already operated. FuzzyOcr is full of nice surprises !

As a conclusion I must say that, on our mail server, FuzzyOcr is a complete success. I recommend that you install it as soon as possible !

Versamail, the default mail application on my Treo 650 is good for casually checking a handful of new messages in the inbox but it comes short for about anything else. For searching accross my 5 GB of mail in a hundred folders and accessing them accross a wet string, Mutt is by far the best remote solution.

Although twenty-four years younger than Vi, Mutt was apparently also designed to thrive in an environment made of appaling latency, tiny bitrates and screens with an even lower definition than the Treo‘s screen. GPRS really feels like my first 2400 baud modem, so to me a command line with Lbdb, Mairix, Mutt and Vim definitely seems to be the perfect match for GPRS on the Treo.

A few weeks ago I established a SSH session from my Treo with Pssh through Orange France‘s GPRS network ! SSH on Orange France‘s GPRS network used to be stupidly forbidden for no apparent reason, neither technical nor commercial, but someone apparently wised up.

Mobile SSH is just grand ! A few years ago with a laptop I used 9600 bps CSD from an Erisson SH888 accross an IrCOMM infrared link. But the burden of a laptop is gone and SSH is now truly available on the go.

Pssh‘s inability to go to the background without losing its connection is annoying. But apart from that it does the job just fine by giving me mobile access to the wonderful world of the Unix command line – and that means that I can now potentially do almost anything anywhere. Isn’t that sweet ?

The “Tale of the Three Princes of Serendip” is [a] literary framework of ancient Indo-Persian origin. [..] Renaissance brought this collection of Oriental legends of travels, riddles, sagacity in solving them, to the European stage. The Tramezzini of Venice, brother-editors, used a fictional author to offer it to the public in 1557. Horace Walpole (1717–1797), son of the famous British prime minister, sitting in his estate in Strawberry Hill in Twickenham, Middlesex, translated the sagacity of the three princes into a concept which he labeled “serendipity” in a letter to Horace Mann, British envoy at the Florentine Court, dated January 28, 1754. Literally, he wrote of the three princes: “they were always making discoveries, by accidents and sagacity, of things they were not in quest of”. [..] Semantically, the referral points to the island of Sri Lanka (Ceylon of yesteryear). (Serendip) is the historical Arabo-Persian- form of Sri Lanka, a word with Sanskrit (Pali) origin, naming the island of Singhalese (Sinhala dvipa) and kept alive in folk tales and legends of this area.

How that relates with Investigative Dermatology is anybody’s guess but I would bet that the author has made a lame attempt at making it topical by putting it on account of serendipity. Anyway…